Описание
Security update for zlib
This update for zlib fixes the following issues:
- Incompatible declarations for external linkage function deflate (bnc#1003577)
- CVE-2016-9842: Undefined Left Shift of Negative Number (bnc#1003580)
- CVE-2016-9840 CVE-2016-9841: Out-of-bounds pointer arithmetic in inftrees.c (bnc#1003579)
- CVE-2016-9843: Big-endian out-of-bounds pointer
Список пакетов
SUSE Linux Enterprise Server 11 SP4
zlib-1.2.7-0.14.1
zlib-32bit-1.2.7-0.14.1
zlib-x86-1.2.7-0.14.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
zlib-1.2.7-0.14.1
zlib-32bit-1.2.7-0.14.1
zlib-x86-1.2.7-0.14.1
SUSE Linux Enterprise Software Development Kit 11 SP4
zlib-devel-1.2.7-0.14.1
zlib-devel-32bit-1.2.7-0.14.1
Ссылки
- Link for SUSE-SU-2016:3209-1
- E-Mail link for SUSE-SU-2016:3209-1
- SUSE Security Ratings
- SUSE Bug 1003577
- SUSE Bug 1003579
- SUSE Bug 1003580
- SUSE Bug 1013882
- SUSE CVE CVE-2016-9840 page
- SUSE CVE CVE-2016-9841 page
- SUSE CVE CVE-2016-9842 page
- SUSE CVE CVE-2016-9843 page
Описание
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:zlib-1.2.7-0.14.1
SUSE Linux Enterprise Server 11 SP4:zlib-32bit-1.2.7-0.14.1
SUSE Linux Enterprise Server 11 SP4:zlib-x86-1.2.7-0.14.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:zlib-1.2.7-0.14.1
Ссылки
- CVE-2016-9840
- SUSE Bug 1003579
- SUSE Bug 1022633
- SUSE Bug 1023215
- SUSE Bug 1038505
- SUSE Bug 1062104
- SUSE Bug 1120866
- SUSE Bug 1123150
- SUSE Bug 1127473
- SUSE Bug 1184301
Описание
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:zlib-1.2.7-0.14.1
SUSE Linux Enterprise Server 11 SP4:zlib-32bit-1.2.7-0.14.1
SUSE Linux Enterprise Server 11 SP4:zlib-x86-1.2.7-0.14.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:zlib-1.2.7-0.14.1
Ссылки
- CVE-2016-9841
- SUSE Bug 1003579
- SUSE Bug 1022633
- SUSE Bug 1038505
- SUSE Bug 1064070
- SUSE Bug 1070162
- SUSE Bug 1120866
- SUSE Bug 1123150
- SUSE Bug 1127473
Описание
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:zlib-1.2.7-0.14.1
SUSE Linux Enterprise Server 11 SP4:zlib-32bit-1.2.7-0.14.1
SUSE Linux Enterprise Server 11 SP4:zlib-x86-1.2.7-0.14.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:zlib-1.2.7-0.14.1
Ссылки
- CVE-2016-9842
- SUSE Bug 1003580
- SUSE Bug 1022633
- SUSE Bug 1023215
- SUSE Bug 1038505
- SUSE Bug 1062104
- SUSE Bug 1120866
- SUSE Bug 1123150
- SUSE Bug 1127473
- SUSE Bug 1184301
Описание
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:zlib-1.2.7-0.14.1
SUSE Linux Enterprise Server 11 SP4:zlib-32bit-1.2.7-0.14.1
SUSE Linux Enterprise Server 11 SP4:zlib-x86-1.2.7-0.14.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:zlib-1.2.7-0.14.1
Ссылки
- CVE-2016-9843
- SUSE Bug 1003580
- SUSE Bug 1013882
- SUSE Bug 1038505
- SUSE Bug 1062104
- SUSE Bug 1116686
- SUSE Bug 1120866
- SUSE Bug 1123150
- SUSE Bug 1127473
- SUSE Bug 1184301